PatchSiren

Moodle CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Moodle CVE published 2017-01-20

CVE-2017-2578

CVE-2017-2578 is a cross-site scripting (XSS) issue in Moodle 3.x affecting the assignment submission page. NVD rates it as medium severity, with a network-reachable attack path that requires user interaction and can impact both confidentiality and integrity in the victim’s browser context.

MEDIUM Moodle CVE published 2017-01-20

CVE-2017-2576

CVE-2017-2576 is a medium-severity Moodle issue affecting forum handling in Moodle 2.x and 3.x. The flaw is described as incorrect sanitization of attributes in forums, which can lead to an integrity impact. NVD assigns a CVSS 3.0 score of 5.3 and classifies the weakness as CWE-20 (Improper Input Validation).

MEDIUM Moodle CVE published 2017-01-20

CVE-2016-8644

CVE-2016-8644 describes an access-control mistake in Moodle where the capability to view course notes is checked in the wrong context. In practical terms, that can let a user see course notes when the permission decision is made against the wrong scope. NVD rates the issue Medium with CVSS 3.0 vector AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, indicating a network-reachable confidentiality impact without integri [truncated]

MEDIUM Moodle CVE published 2017-01-20

CVE-2016-8643

CVE-2016-8643 describes an authorization problem in Moodle’s web services layer where non-admin site managers may accidentally edit administrator accounts. The issue was publicly disclosed on 2017-01-20, and the NVD record was later modified on 2026-05-13. NVD rates the impact as medium (CVSS 3.0 score 4.3), with network access, low privileges, no user interaction, and integrity impact only.

MEDIUM Moodle CVE published 2017-01-20

CVE-2016-8642

CVE-2016-8642 is a Moodle access-control weakness in the question engine that can allow access to files that should not be available. NVD rates it medium severity (CVSS 3.0 score 5.3), with network attack, no privileges, and no user interaction required; the impact is limited to confidentiality. The record was published on 2017-01-20 and later modified on 2026-05-13.

HIGH Moodle CVE published 2017-01-20

CVE-2016-7038

CVE-2016-7038 is a Moodle token-lifecycle flaw: web service tokens are not invalidated when a user changes their password or is forced to change it. In practice, that means a stolen or otherwise exposed token can continue to work even after password remediation, weakening a common containment step.

MEDIUM Moodle CVE published 2017-01-20

CVE-2016-5014

CVE-2016-5014 affects Moodle's event monitoring behavior: an unenrolled user can still receive notifications even after they can no longer access the course. That makes the issue an information disclosure problem rather than a direct service outage, but it can still expose course-related activity to someone who should no longer see it.

MEDIUM Moodle CVE published 2017-01-20

CVE-2016-5013

CVE-2016-5013 describes a text injection flaw in Moodle email header handling that could be abused to influence outbound email content and potentially cause spam to be sent from a vulnerable site. NVD rates the issue as medium severity, with network exposure but requiring user interaction. The practical risk is most relevant for organizations that rely on Moodle-generated mail and want to protect sender r [truncated]

MEDIUM Moodle CVE published 2017-01-20

CVE-2016-5012

CVE-2016-5012 is a medium-severity information-disclosure issue in Moodle’s glossary search. According to the CVE description, glossary search could display entries without first checking whether the user had permission to view them. That means content meant to remain restricted could become visible to unauthorized users through search results. NVD lists affected Moodle 3.1.0 builds, including beta, RC1, [truncated]